Lucene search
K

77 matches found

Prion
Prion
added 2017/06/14 1:29 p.m.17 views

Information disclosure

An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android...

2.6CVSS4.3AI score0.01EPSS
Exploits0References3Affected Software1
Mozilla
Mozilla
added 2017/06/13 12:0 a.m.541 views

Security vulnerabilities fixed in Firefox 54 — Mozilla

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. A use-after-free vulnerability when using an incorrect URL during the...

9.8CVSS0.7AI score0.02869EPSS
Exploits3References32Affected Software1
OSV
OSV
added 2017/05/12 3:29 p.m.3 views

CVE-2017-0624

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android...

5.5CVSS5.8AI score0.01017EPSS
Exploits0References2
OSV
OSV
added 2017/04/07 10:59 p.m.4 views

CVE-2017-0586

An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

4.7CVSS7.3AI score0.01052EPSS
Exploits0References3
OSV
OSV
added 2017/04/07 10:59 p.m.5 views

UBUNTU-CVE-2017-0557

An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0,...

5.5CVSS5.8AI score0.00597EPSS
Exploits0References4
OSV
OSV
added 2017/03/08 1:59 a.m.3 views

CVE-2016-8483

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android...

5.5CVSS7.3AI score0.00961EPSS
Exploits0References5
OSV
OSV
added 2017/03/08 1:59 a.m.4 views

UBUNTU-CVE-2017-0534

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18...

4.7CVSS7.3AI score0.00866EPSS
Exploits0References4
OSV
OSV
added 2016/12/13 7:59 p.m.4 views

UBUNTU-CVE-2016-6720

An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is...

5.5CVSS6.4AI score0.00674EPSS
Exploits0References7
OSV
OSV
added 2016/09/26 12:0 a.m.8 views

UBUNTU-CVE-2016-6153

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...

5.9CVSS6.9AI score0.0048EPSS
Exploits0References6
CNVD
CNVD
added 2016/01/23 12:0 a.m.5 views

Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Agent Next Gen Component (CNVD-2016-00703)

Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Enterprise Manager Base Platform Agent Next Gen component of Oracle Enterprise Manager Grid Control allows local attackers to exploit the vulnerability to access data...

4.3CVSS6.5AI score0.01602EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/23 12:0 a.m.5 views

Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Agent Next Gen Component (CNVD-2016-00702)

Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Enterprise Manager Base Platform Agent Next Gen component of Oracle Enterprise Manager Grid Control allows local attackers to exploit the vulnerability to access data...

2.1CVSS6.5AI score0.00402EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2016/01/17 5:59 a.m.2 views

CVE-2015-4958

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files...

3.3CVSS5.4AI score0.00285EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities of the Gentoo Linux operating system, which allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the bash package up to version 4.2p37 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...

6.9CVSS7.7AI score0.00413EPSS
Exploits0References4Affected Software1
Cent OS
Cent OS
added 2009/06/19 11:7 a.m.82 views

firefox, xulrunner security update

CentOS Errata and Security Advisory CESA-2009:1095 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open sour...

9.3CVSS7.3AI score0.09282EPSS
Exploits9References7
seebug.org
seebug.org
added 2007/03/13 12:0 a.m.30 views

Sun JMX RMI-IIOP本地非授权访问漏洞

Java Dynamic Management Kit (Java DMK)提供一组Java 类和工具,便于根据Java管理扩展(JMX)规范和SNMP标准开发安全的监控和管理解决方案。 如果拥有对某些本地数据访问权限的远程用户连接到了本地用户所创建的JMX RMI-IIOP服务器应用程序的话,JMX RMI-IIOP API中的安全漏洞就可能允许能够创建该应用程序的本地用户获取对这些数据的非授权访问。 这个漏洞仅影响包含有通过JMX RMI-IIOP API部署的应用程序的系统。满足了所有以下条件时JMX代理会出现这个漏洞: 1...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2005/12/31 12:0 a.m.6 views

PT-2005-5529 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM DB2 version 8.1 Description: The issue allows local users to gain unauthorized access and sensitive information, such as cleartext passwords, due to default permissions of read and write for the Everyone group in shared memory sections an...

7.1CVSS6.2AI score0.00762EPSS
Exploits0References9
CERT
CERT
added 2002/10/01 12:0 a.m.32 views

Microsoft Windows XMLHTTP component allows remote access to local data sources

Overview The Microsoft XMLHTTP ActiveX control allows unauthorized reading of any known file on a system. A victim must be enticed to visit a malicious site in order to be attacked. Description Description from MS02-008:Microsoft XML Core Services MSXML includes the XMLHTTP ActiveX control, which...

5CVSS5.5AI score0.19175EPSS
Exploits0References5
Rows per page
Query Builder